Incomplete blacklist vulnerability in MediaWiki before 1.19.24, 1.2x before 1.23.9, and 1.24.x before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via an animated href XLink element.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2015-04-13T14:00:00

Updated: 2024-08-06T05:32:20.386Z

Reserved: 2015-04-07T00:00:00

Link: CVE-2015-2932

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2015-04-13T14:59:05.413

Modified: 2024-11-21T02:28:20.460

Link: CVE-2015-2932

cve-icon Redhat

No data.